<?
class Users
{
	static function GetAll()
	{
		$conn = getConnection();
		$sql = '
			SELECT *
			FROM 2011_Users U
			';
		
		return $conn->query($sql);
	}
	static function Get($id)
	{
		$conn = getConnection();
		$result = $conn->query("SELECT * FROM 2011_Users WHERE id=$id");
		$rs = $result->fetch_assoc();
		$conn->close();
		return $rs;
	}
	static function Blank()
	{
		return array();
	}
	static function Save(&$rs)
	{
		$conn = getConnection();
		$rs_old = $rs;
		$rs = Users::EscapeAll($conn, $rs);
		if(isset($rs['id']))	// Editing
		{
			$sql = 	"UPDATE 2011_Users SET "
			.		" FirstName='$rs[FirstName]',"
			.		" LastName='$rs[LastName]',"
			.		" Password='$rs[Password]',"
			.		" PictureURL='$rs[PictureURL]',"
			.		" FBID='$rs[FBID]',"
			.		" Lookup_id='$rs[Lookup_id]'"
			.		" WHERE id=$rs[id]"
			;
		}else{					// Adding
			$sql = 	"INSERT INTO 2011_Users (FirstName, LastName, Lookup_id, Password, `PictureURL`,FBID) "
			.		"Values ('$rs[FirstName]', '$rs[LastName]', '$rs[Lookup_id]', '$rs[Password]', '$rs[PictureURL]','$rs[FBID]')";
		}
		$rs = $rs_old;
		echo  $sql;
		$result = $conn->query($sql);
		$error = $conn->error;
		if(!isset($rs['id']))
		{
			$rs['id'] = $conn->insert_id;
		}
		$conn->close();
		if($error)
			return array('Server Error' => $error);
		else
			return null;
	}
	static function Delete($id)
	{
		$conn = getConnection();
		$conn->query("DELETE FROM 2011_Users WHERE id=$id");
		$error = $conn->error;
		$conn->close();
		if($error)
			return array('Server Error' => $error);
		else
			return null;
	}
	static function Validate($rs)
	{
		$errors = array();
		if(count($errors) == 0)
			return null;
		return $errors;
	}
	static function EscapeAll($conn, $rs)
	{
		$ret = array();
		foreach($rs as $key => $value)
		{
			$ret[$key] = mysqli_real_escape_string($conn, $value);
		}
		return $ret;
	}
}


